September 27th, 2010, 02:51 AM
Hope you can help...
I am not an IT professional, but am in need of help from one...or two.
To make a long story short, I was having a discrepancy with a previous employer about the existence of an email. They claimed that they could not find it, and unfortunately, I had canceled my account with my ISP and no longer had the original email. I contacted the ISP (Verizon) and they were able to provide me with the email and full headers.
Prior to this, I knew very little about headers. When I sent the company the information from Verizon, they told me that they still questioned the message because they were still unable to locate it on their server. I've never had much confidence in their IT team. They are saying that they were using the "Message-ID" to located it and were unable to do so. I've tried to research what the purpose of the message-id is, but other than knowing that it can contain a time-date stamp (which this one does, plus another little code after it) I don't know much else.
My questions: Is a message-id a piece of an email header that an IT professional could use to find the email on the server? Are there any other components of a header that could be used? Are they just messing with me?
September 27th, 2010, 03:42 PM
The problem is headers can be forged......
and depending on how old the message is will determine the recovery method.
a quick google search will give you all the info you need on email headers
How people treat you is their karma- how you react is yours-Wayne Dyer
September 27th, 2010, 06:19 PM
Also, the email server setup is a big variable. Front end, back end servers. Multiple multi homed servers. Now if it is a publicly owned company in the U.S. The company has to have a policy stating how long they keep email. If you are in a legal dispute and
1: The policy states email is kept for 1 and they can't find an email lesss than a year old -YOU WIN
2: Same policy but during discovery your legal guys find an email older than 1 year - YOU WIN.
Trust me on these two rules. Especially #2. Retention policy really means deletion policy. Doesn't matter if the email has anything to do with the case. If defense proves that company does not follow own rules. You win by default.
EDIT This site may help http://www.mxtoolbox.com/EmailHeaders.aspx
Last edited by dinowuff; September 27th, 2010 at 06:23 PM.
By wolfman1984 in forum Security News
Last Post: September 4th, 2010, 08:10 AM
By wolfman1984 in forum Training/Conference Reviews
Last Post: June 6th, 2008, 08:00 AM
By entemps in forum Roll Call
Last Post: March 31st, 2005, 08:32 AM
By KorpDeath in forum Cosmos
Last Post: February 21st, 2003, 03:41 AM
By BrainStop in forum AntiOnline's General Chit Chat
Last Post: March 7th, 2002, 02:14 AM